Legal

Privacy

Last updated: 2026-06-09

CommunitySafe is operated by CyberWave Technologies LLC (cyberwaveglobal.com), a California limited liability company and the data controller for the purposes of the GDPR, the CCPA/CPRA, and equivalent laws. Privacy questions and data-subject requests: info@cyberwaveglobal.com.

What CommunitySafe does NOT collect

  • No demographic data — race, ethnicity, religion, age, gender, sexual orientation are not stored, displayed, or analyzed anywhere in the app.
  • No individual identification from public data — police-incident data is aggregated to neighborhood-level only; names, addresses below the block level, plates, and photos are never surfaced.
  • No persistent background tracking. Geolocation is requested only when you tap "Use my location" OR when you arm a Check-In timer / Live Share link (both opt-in). The mobile shells (iOS / Android) declare permissions for background-location, contacts, and camera so that if you opt into Check-In, Live Share, Trusted Contact import, or photo attachment, the OS allows it — none of these run without an explicit user action.
  • No data sales. CommunitySafe shows ads served by Google AdSense to cover hosting costs; ad scripts load only after you accept cookies via the consent banner — decline and no ad scripts or advertising cookies load. See the Advertising section below for what AdSense receives, what it doesn't, and how to opt out of personalized ads.
  • Browsing the map / safety scores / community feed does NOT require an account. Account-required features are explicitly labeled (Personal Safety, CommunitySafe posts).

What is stored on your device

CommunitySafe uses your browser's localStorage to remember preferences and speed up subsequent loads. Items in localStorage are not transmitted to our servers except where noted (the anonymous session token is sent to authorize protected API calls).

  • travelsafe.session.v2 — a non-sensitive sign-in marker telling the app a session exists. The session token itself is stored in a secure HttpOnly cookie that JavaScript cannot read, so a script injection can't steal it; the cookie is what authorizes protected API calls.
  • travelsafe.city.v1 — currently-selected city.
  • travelsafe.area.v1 — currently-picked neighborhood, per city.
  • travelsafe.saved-areas.v1 — your saved neighborhoods (up to 5).
  • travelsafe.swr.v1.* — cached API responses for snappy navigation (15-min TTL).
  • travelsafe.safety.disclaimer.ack — flag that you've dismissed the Personal Safety disclaimer.
  • travelsafe.assistant.* — your AI Assistant conversation history. Kept locally so you can review past answers; the prompts themselves are transmitted to our AI provider — see AI Assistant below.
  • cs.age.v1 — stores that you confirmed you're 13 or older.
  • cs.consent.v1 — stores your cookie-consent choice.

To clear everything: open your browser settings and delete site data for this domain, or open DevTools → Application → Local Storage → clear.

When you create a CommunitySafe account

The Personal Safety and CommunitySafe features require an account. When you register we store, in our database:

  • Your email address and a one-way hashed password (bcrypt — the plaintext is never written to disk and never transmitted to anyone). Optional display name.
  • If you enable two-factor authentication, an encrypted TOTP secret we use to verify your codes.
  • For each Trusted Contact you add: their email and/or phone number, the relationship label you chose, and your confirmation that you have their permission to contact them.
  • For each Check-In timer you arm: the scheduled expiry, your optional note, and the last latitude/longitude you shared to that timer.
  • For each Live Share link you generate: the cancel token, the recipient channel (email/SMS), the expiry, and — while the link is active — the most recent latitude/longitude your device broadcasts to it. That location is cleared when the link is revoked or expires.
  • For each Web Push subscription you opt into: the browser-issued endpoint URL and the two public crypto keys (used to encrypt notifications). Push subscriptions never carry personal content.
  • Your CommunitySafe post bodies, comments, and reports — and an append-only edit log if you revise a post.
  • Moderation records: post flags, suspensions, and any blocks/mutes you set.

You can export or delete your account directly from inside the app: go to Personal Safety → Your account & data. Export downloads a single JSON file with every record we hold about you. Deleting your account immediately and permanently removes your account and all associated records — posts, comments, check-in timers, trusted contacts, push subscriptions, and live-share links — from our servers, and signs you out everywhere. The removal happens at once and is irreversible; there is no recovery window. If you can't access your account, use the contact path in Contact below and we'll process the request within 30 days. Local browser data is not part of the server-side account and can be cleared at any time from your browser settings.

What we receive when you use the app (without an account)

  • Standard server logs from our hosting provider (IP address, user-agent, request path, timestamp). Retained up to 30 days; see Data retention below.
  • Anonymous rate-limiting state: short-lived counters keyed by a one-way hashed IP + endpoint to throttle abuse (for example, to cap anonymous community posting per source). The raw IP is never stored; these counters expire quickly and are purged automatically.

We do not sell, license, or share user-account data with third parties for advertising or marketing. CommunitySafe accounts, contacts, check-in timers, and posts are never transmitted to ad networks. AdSense's collection is limited to what the browser sends directly to Google when an ad slot loads, and only after you accept cookies (described in the Advertising section below).

Data retention

  • Account data (profile, posts, comments, contacts, timers, push subscriptions, live-share links) is kept until you delete it.
  • Security-audit logs are retained for 90 days.
  • Deleting your account permanently and irreversibly removes it and its associated records at the time of deletion.
  • Server / access logs are retained up to 30 days.
  • AI prompts are not retained by us — only by the AI sub-processor that handled the request, under its own retention terms.

Advertising

CommunitySafe shows ads served by Google AdSense to cover hosting costs, and this section describes what that involves. Ad scripts load only after you accept cookies via the consent banner; if you decline, no AdSense script and no advertising cookies load. AdSense is a Google product; its data practices are governed by Google's ad-policy disclosures.

What CommunitySafe sends to AdSense:

  • Nothing from our backend. Account records, contacts, timers, posts, and the personal-safety surfaces are not transmitted to AdSense.

Once you accept cookies, what your browser sends to Google when an ad slot loads (we do not control these):

  • The URL of the page you're viewing (so the ad context can be matched).
  • Your IP address, user-agent, language, and screen size.
  • Google's own advertising / measurement cookies, if you've previously consented under Google's consent prompt.

How to opt out of personalized ads:

  • Use Google's Ads Settings to turn off personalization for your Google account.
  • Use your browser's tracking-protection / cookie-blocking features. Ads will still show but won't be tailored to you.
  • For EU/UK/Swiss users, Google's consent prompt will appear before personalization begins.

Do Not Sell or Share My Personal Information (CCPA / CPRA)

California Civil Code §1798.135 requires every business that "sells" or "shares" personal information to surface a clear opt-out link. CommunitySafe does not sell or share personal information for cross-context behavioral advertising, monetary consideration, or any equivalent benefit. There is consequently no opt-out flow to surface — but for transparency we still affirm the position here:

  • We have not sold or shared personal information in the preceding 12 months.
  • We have no contractual relationship that would permit a third party to sell or share CommunitySafe-collected personal information on our behalf.
  • If this changes in the future, this page will surface a working "Do Not Sell or Share" control before any such sale or share occurs.

California residents can also exercise the right to limit the use of sensitive personal information; CommunitySafe does not process the categories California enumerates as sensitive (precise location is treated as personal — see Geolocation in the section above — and is only retained for the duration of an active Check-In or Live Share session you arm yourself).

Notice at collection. We collect the categories of personal information listed above — account and security information, community posts, and optional push subscriptions and trusted-contact details — solely to operate the service, and for no other purpose. We do not sell or share any of it.

Authorized agent. You may use an authorized agent to submit a privacy request; we may require proof of authorization.

Non-discrimination. We will not deny you service, charge you a different price, or provide a different quality of service for exercising your privacy rights.

AI Assistant

The optional AI Assistant runs your prompts through a third-party large language model. When you use an AI feature, your prompt is sent to one of our AI sub-processors — currently Groq (Llama models), Google (Gemini), or Anthropic (Claude, via the Vercel AI Gateway), selected automatically by availability. Each processes your prompt under its own privacy and retention terms; all are US-based. We do not retain your prompts ourselves. What this means:

  • The text of your prompt — including any free text you type and the recent conversation turns — is transmitted to the AI provider over HTTPS and processed by their model.
  • The assistant does NOT have access to your account data, your check-in timers, your contacts, or your location. It can call internal CommunitySafe tools that return aggregated city / neighborhood data (the same data the rest of the app shows).
  • Outputs are generated by a probabilistic model and can be inaccurate. Verify any numeric claim against the source URL the assistant cites.
  • We rate-limit the assistant to 10 requests per minute per IP to manage cost.
  • The selected sub-processor's own data-retention policy applies to prompts in transit and at rest on their side. We do not retain your prompts ourselves; review the privacy terms of Groq, Google, and Anthropic for how each handles them.

If you prefer not to use AI, simply don't open the Assistant tab — nothing else in the app sends data to the AI provider.

Third-party services your browser contacts

When you use certain parts of the app, your browser makes requests directly to:

  • Wikimedia Commons (upload.wikimedia.org) — source images for the city backdrops. Routed through our image optimizer in most cases so your IP isn't exposed.
  • CartoDB (basemaps.cartocdn.com) — basemap tiles for the crime map and safe-route view. Your IP is exposed to CartoDB for each tile request.
  • AI sub-processors (Groq, Google Gemini, or Anthropic via the Vercel AI Gateway) — only when you use the AI Assistant (above). Prompts are sent server-side; your IP is not directly exposed to the provider, but the contents of your prompt are.

Map routing (OpenStreetMap's OSRM) and all police open-data feeds are called from our server, not from your browser, so those services don't see your IP.

Error monitoring: Our backend API service can use Sentry for error monitoring when enabled. In that case, when an error occurs on that service Sentry receives your account ID and the request path to help us debug; it does not receive your email or IP address. It is not active on the main web application.

Public data sources we display

CommunitySafe surfaces police-incident data that the cities themselves publish through their official open-data portals (SDPD, LAPD, SFPD, Chicago PD, NYPD, Detroit PD, and dozens of others). We do not augment, predict, or editorialize that data. The FBI national-rate comparison comes from the FBI Crime Data Explorer 2023 release at cde.ucr.cjis.gov.

GDPR / CCPA / your rights

If you have a CommunitySafe account, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct any inaccurate data.
  • Erasure — delete your account and the associated records listed under "When you create a CommunitySafe account" above. The fastest path is the Delete my account button in Personal Safety; it immediately and permanently removes your account and its records and signs you out everywhere — this happens at once and is irreversible, with no recovery window. Replies left by other users on your deleted posts are removed along with the parent post, since the conversation is unintelligible without it.
  • Portability — request a machine-readable export.
  • Withdraw consent — disable Push, delete Trusted Contacts, or cancel pending Check-Ins from within the app at any time.

Access, portability, and erasure are self-service from the Personal Safety page. For rectification or any other request, or if you can't access your account, use the contact path in Contact below — we'll respond within 30 days. Note that even without an explicit account, browsing CommunitySafe creates an anonymous device session (a server-side User row keyed by a random device token, with a synthetic device-*@travelsafe.local email). That anonymous session is also a valid target for export and erasure through the same Personal Safety controls.

Children

CommunitySafe is not directed to children under 13 and we do not knowingly collect personal information from children. If you believe a child has created an account, email us and we will remove it.

Security

Passwords are hashed with bcrypt before storage. Transport is HTTPS-only with HSTS preload. Sensitive endpoints are gated behind per-user session tokens, and operator endpoints (cron, diagnostics) are gated behind a separate shared secret.

Contact

The fastest paths are in-app: Personal Safety → Your account & data for export / erasure, and the Report button on any post for content concerns. For anything else — corrections, questions about this policy, or DSAR requests you can't fulfill via the in-app controls — email info@cyberwaveglobal.com with "PRIVACY" in the subject line, and we'll respond within 30 days. Bug reports and code-level questions can also be opened on our GitHub issue tracker.